Abstract
The article is relevant, as it provides an assessment of the information security of universities. Ensuring the security of corporate information, which is increasingly stored, processed and disseminated using information and communication technologies (ICT). This is a particularly important problem for knowledge-intensive organizations such as universal ones; the effective conduct of their main educational activities and research activities increasingly depends on the availability, integrity and accuracy of computer information resources. One of the more important mechanisms to reduce the number of security breaches, and thus corporate information, is the development and implementation of a formal information security policy (ISP). Although much has now been written about the importance and role of information security policies and approaches to formulating them, there is relatively little empirical material that is incorporated into the structure or content of security policies. The purpose of the article is to fill this gap in the literature through this method of using the structure and methods of authentic information security policies. Having established the parameters and key features of university policies, the article critically examines the concept of information security embedded in the policy. Two important conclusions can be drawn from this study: 1) the wide variety of disparate policies and standards used, whether there will be a consistent approach to security management; and 2) the range of specific issues explicitly covered by university policy, a surprisingly low and highly technocentric view of information security management. This article is one of the first to objectively, rigorously and independently assess the content of authentic information security policies and information security documentation frameworks in a well-organized organizational environment. The article notes that there are four different levels of information policy: “system security policy, product security policy, community security policy, and corporate information security policy.” All policies involve: personal use of information systems, information disclosure, physical security, breaches and hacks, viruses, system access control, mobile computing, internet access, software development, encryption and contingency planning
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
